<!DOCTYPE html>
<html>

<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
	<meta name="theme-color" content="#33474d">
	<title>云计算 OpenStack | 失落的乐章</title>
	<link rel="stylesheet" href="/css/style.css" />
	
      <link rel="alternate" href="/atom.xml" title="失落的乐章" type="application/atom+xml">
    
</head>

<body>

	<header class="header">
		<nav class="header__nav">
			
				<a href="/archives" class="header__link">Archive</a>
			
				<a href="/tags" class="header__link">Tags</a>
			
				<a href="/atom.xml" class="header__link">RSS</a>
			
		</nav>
		<h1 class="header__title"><a href="/">失落的乐章</a></h1>
		<h2 class="header__subtitle">技术面前，永远都是学生。</h2>
	</header>

	<main>
		<article>
	
		<h1>云计算 OpenStack</h1>
	
	<div class="article__infos">
		<span class="article__date">2017-10-12</span><br />
		
		
			<span class="article__tags">
			  	<a class="article__tag-link" href="/tags/OpenStack/">OpenStack</a>
			</span>
		
	</div>

	

	
		<h2 id="1-云计算概述"><a href="#1-云计算概述" class="headerlink" title="1.云计算概述"></a>1.云计算概述</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;云计算是一个资源池，它为我们提供了诸如水、电、煤气一样的基础服务。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;云计算是一种按使用量付费的模式，这种模式可以快速、高效地提供网络，服务器，存储，应用软件，服务等，我们不必关心如何实现，所以只需投入很少的管理工作，只需和服务供应商进行很少的交互。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;云计算从广义上可以分为如下几种模式：IaaS（基础设施即服务）、PaaS（平台即服务）、SaaS（软件即服务）</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;IaaS Amazon、阿里云、腾讯云提供的云主机即IaaS，我们拿到的是一台机器，可以自定义操作系统。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;PaaS 面向开发者，直接给用户提供一个平台来运行用户的程序，早期的idc服务商卖的主机、新浪的sae、阿里云的云数据库等。<br>    SaaS 卖的是服务，比如腾讯企业邮箱、印象笔记等</p>
<h2 id="2-openstack-简介"><a href="#2-openstack-简介" class="headerlink" title="2.openstack 简介"></a>2.openstack 简介</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;openstack是目前比较流行的一个实现云计算平台的项目，<a href="https://www.openstack.org/" target="_blank" rel="external">官网</a></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;由NASA（美国国家航空航天局）和Rackspace合作研发并发起的，以Apache许可证授权的自由软件和开放源代码项目，用python语言开发，可以实现私有云或者公有云</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;主要有三个最基础组件：计算服务、网络服务、存储服务</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/01.png?raw=true" alt="01"><figcaption class="figure__caption">01</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;发布版本  <a href="http://releases.openstack.org/，目前稳定版本为Liberty" target="_blank" rel="external">http://releases.openstack.org/，目前稳定版本为Liberty</a></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;6个核心服务：nova（计算中心，对比阿里云的ESC，支持kvm,xen等虚拟化技术）、keystone（认证中心）、neutron（网络服务中心）、swift（对象存储服务，存储图片，附件等文件，对比腾讯云的COS）、cinder（块存储服务，云盘）、glance（镜像管理中心）</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/02.png?raw=true" alt="02"><figcaption class="figure__caption">02</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;openstack其他可选组件：</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/03.png?raw=true" alt="03"><figcaption class="figure__caption">03</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;实验环境：至少两台机器。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;Controller Node: 1 processor, 2 GB memory, and 5 GB storage</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;Compute Node: 1 processor, 2 GB memory, and 10 GB storage</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;生产环境硬件要求：</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/04.png?raw=true" alt="04"><figcaption class="figure__caption">04</figcaption></figure></p>
<h2 id="3-前期准备"><a href="#3-前期准备" class="headerlink" title="3.前期准备"></a>3.前期准备</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;在RHEL7/CentOS7上安装openstack  liberty</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;<a href="http://docs.openstack.org/liberty/install-guide-rdo/" target="_blank" rel="external">官方文档</a></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;两台虚拟机，安装centos7系统（准备两个网卡，一个NAT，另一个仅主机）</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;nat网卡设置ip，可以联网，仅主机的网卡只要我们windows可以通就行，主要是用远程连接工具远程连接的，如果登录很慢。则修改</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/ssh/sshd_config</span></div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/05.png?raw=true" alt="05"><figcaption class="figure__caption">05</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;修改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/06.png?raw=true" alt="06"><figcaption class="figure__caption">06</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;重启设置</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl restart sshd</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;关闭selinux</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># setenforce 0 </span></div><div class="line">[root@controller ~]<span class="comment"># vim /etc/selinux/config</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;关闭iptables</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl stop firewalld</span></div><div class="line">[root@controller ~]<span class="comment"># systemctl disable firewalld</span></div><div class="line">Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.</div><div class="line">Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;关闭NetworkManager</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl stop NetworkManager</span></div><div class="line">[root@controller ~]<span class="comment"># systemctl disable NetworkManager</span></div><div class="line">Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.</div><div class="line">Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.</div><div class="line">Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;centos7 配置iptables <a href="https://hcldirgit.github.io/2017/08/19/1.%20Linux%20%E5%9F%BA%E7%A1%80/69.%20CentOS%207%20%E4%B8%8B%E4%BD%BF%E7%94%A8iptables/" target="_blank" rel="external">CentOS 7 下使用iptables</a></p>
<h3 id="定义密码"><a href="#定义密码" class="headerlink" title="定义密码"></a>定义密码</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;在部署openstack过程中会在多个地方使用到密码，为了方便管理和安全设置，我们需要提前先定义好密码，使用命令mkpasswd -s 0生成随机字符串，没有 mkpasswd先安装</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y expect</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div></pre></td><td class="code"><pre><div class="line">Database password (no variable used) Root password <span class="keyword">for</span> the database tn1Pi6Ytm</div><div class="line">ADMIN_PASS        Password of user admin 3qiVpzU2x</div><div class="line">CEILOMETER_DBPASS Database password <span class="keyword">for</span> the Telemetry service Czn3bF1hm</div><div class="line">CEILOMETER_PASS  Password of Telemetry service user ceilometer abquh12GU</div><div class="line">CINDER_DBPASS    Database password <span class="keyword">for</span> the Block Storage service O3bwbpoZ3</div><div class="line">CINDER_PASS      Password of Block Storage service user cinder hf8LX9bow</div><div class="line">DASH_DBPASS      Database password <span class="keyword">for</span> the dashboard 5qBZxnn1g</div><div class="line">DEMO_PASS        Password of user demo 9TtbgaA1q</div><div class="line">GLANCE_DBPASS    Database password <span class="keyword">for</span> Image service Zznky4tP0</div><div class="line">GLANCE_PASS      Password of Image service user glance Wuyaf4cV6</div><div class="line">HEAT_DBPASS      Database password <span class="keyword">for</span> the Orchestration service b7Fk5wjLg</div><div class="line">HEAT_DOMAIN_PASS Password of Orchestration domain 7Gotb3eoH</div><div class="line">HEAT_PASS        Password of Orchestration service user heat eqQ2jLgz0</div><div class="line">KEYSTONE_DBPASS  Database password of Identity service f6zx0gURv</div><div class="line">NEUTRON_DBPASS   Database password <span class="keyword">for</span> the Networking service quidyOC50</div><div class="line">NEUTRON_PASS     Password of Networking service user neutron mdcGVl29i</div><div class="line">NOVA_DBPASS      Database password <span class="keyword">for</span> Compute service RYgv0rg7p</div><div class="line">NOVA_PASS        Password of Compute service user nova hsSNsqc43</div><div class="line">RABBIT_PASS      Password of user guest of RabbitMQ o3NXovnz5</div><div class="line">SWIFT_PASS       Password of Object Storage service user swift 6ci5xWOdk</div><div class="line">METADATA_SECRET  m8uhmQTu2</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;两台机器，设置hostname</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/hostname</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;两台机器分别修改为 controller、compute。</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">hostnamectl <span class="built_in">set</span>-hostname controller</div><div class="line">hostnamectl <span class="built_in">set</span>-hostname compute</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑/etc/hosts：</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/hosts</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;添加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">192.168.1.99 controller</div><div class="line">192.168.1.98 compute</div></pre></td></tr></table></figure>
<h3 id="controller上："><a href="#controller上：" class="headerlink" title="controller上："></a>controller上：</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y chrony</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/chrony.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加或更改：  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">allow 192.168.1.0/24</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/07.png?raw=true" alt="07"><figcaption class="figure__caption">07</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;保存后，执行</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable chronyd.service</span></div><div class="line">[root@controller ~]<span class="comment"># systemctl start chronyd.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;查看是否启动</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># ps aux |grep chrony</span></div><div class="line">chrony 26153 0.0 0.0 100636 1540 ? S 13:45 0:00 /usr/sbin/chronyd</div><div class="line">root 26359 0.0 0.0 112664 972 pts/0 S+ 14:18 0:00 grep --color=auto chrony</div></pre></td></tr></table></figure>
<h3 id="compute上："><a href="#compute上：" class="headerlink" title="compute上："></a>compute上：</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># yum install -y chrony</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/chrony.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加或更改： </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">server controller iburst</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/08.png?raw=true" alt="08"><figcaption class="figure__caption">08</figcaption></figure></p>
<p>改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/09.png?raw=true" alt="09"><figcaption class="figure__caption">09</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;保存后，执行</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl enable chronyd.service</span></div><div class="line">[root@compute ~]<span class="comment"># systemctl start chronyd.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;同样查看是否启动</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># ps aux |grep chrony</span></div><div class="line">chrony 25948 0.0 0.0 100636 1540 ? S 14:20 0:00 /usr/sbin/chronyd</div><div class="line">root 26009 0.0 0.0 112664 972 pts/0 R+ 14:28 0:00 grep --color=auto chrony</div></pre></td></tr></table></figure>
<h2 id="4-配置-yum-和更新"><a href="#4-配置-yum-和更新" class="headerlink" title="4.配置 yum 和更新"></a>4.配置 yum 和更新</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装openstack的yum源（两个机器上都操作）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y centos-release-openstack-liberty</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;升级所有的包（两个机器上都操作）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum upgrade</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;结束后重启系统</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装openstack 客户端和openstack-selinux</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y python-openstackclient openstack-selinux</span></div></pre></td></tr></table></figure>
<h2 id="5-安装-sql-和-rabiitmq-服务"><a href="#5-安装-sql-和-rabiitmq-服务" class="headerlink" title="5.安装 sql 和  rabiitmq 服务"></a>5.安装 sql 和  rabiitmq 服务</h2><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y mariadb mariadb-server MySQL-python</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件 vim /etc/my.cnf.d/mariadb_openstack.cnf  加入下面内容</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/my.cnf.d/mariadb_openstack.cnf</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div></pre></td><td class="code"><pre><div class="line">[mysqld]</div><div class="line"><span class="built_in">bind</span>-address = 192.168.1.99</div><div class="line">default-storage-engine = innodb</div><div class="line">innodb_file_per_table</div><div class="line">collation-server = utf8_general_ci</div><div class="line">init-connect = <span class="string">'SET NAMES utf8'</span></div><div class="line">character-set-server = utf8</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动mariadb：</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable mariadb.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.</div><div class="line">[root@controller ~]<span class="comment"># systemctl start mariadb.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安全配置，设置root密码</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql_secure_installation</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;设置root密码为 tn1Pi6Ytm</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;测试密码是否正常登录</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div><div class="line">Welcome to the MariaDB monitor. Commands end with ; or \g.</div><div class="line">Your MariaDB connection id is 10</div><div class="line">Server version: 10.1.18-MariaDB MariaDB Server</div><div class="line"></div><div class="line">Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.</div><div class="line"></div><div class="line">Type <span class="string">'help;'</span> or <span class="string">'\h'</span> <span class="keyword">for</span> <span class="built_in">help</span>. Type <span class="string">'\c'</span> to clear the current input statement.</div><div class="line"></div><div class="line">MariaDB [(none)]&gt;</div></pre></td></tr></table></figure>
<h3 id="安装-nosql"><a href="#安装-nosql" class="headerlink" title="安装 nosql"></a>安装 nosql</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;nosql数据库被Telemetry service用到</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;在这里我们安装的是mongodb</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y mongodb-server mongodb</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/mongod.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改如下配置 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">bind_ip = 192.168.16.111</div><div class="line">smallfiles = <span class="literal">true</span></div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/10.png?raw=true" alt="10"><figcaption class="figure__caption">10</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为 </p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/11.png?raw=true" alt="11"><figcaption class="figure__caption">11</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/12.png?raw=true" alt="12"><figcaption class="figure__caption">12</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/13.png?raw=true" alt="13"><figcaption class="figure__caption">13</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable mongod.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/mongod.service to /usr/lib/systemd/system/mongod.service.</div><div class="line">[root@controller ~]<span class="comment"># systemctl start mongod.service</span></div></pre></td></tr></table></figure>
<h3 id="安装消息列队（controller）"><a href="#安装消息列队（controller）" class="headerlink" title="安装消息列队（controller）"></a>安装消息列队（controller）</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;rabbitmq消息队列服务在openstack中起到非常关键的作用，它好比是一个交通枢纽，各个组件之间的通信由它来完成。</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y rabbitmq-server</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动rabbitmq-server服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable rabbitmq-server</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.</div><div class="line">[root@controller ~]<span class="comment"># systemctl start rabbitmq-server</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;添加openstack用户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># rabbitmqctl add_user openstack o3NXovnz5 </span></div><div class="line">Creating user <span class="string">"openstack"</span> ...</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;密码 o3NXovnz5   用户名为openstack</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;为openstack用户授权</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># rabbitmqctl set_permissions openstack ".*" ".*" ".*"</span></div><div class="line">Setting permissions <span class="keyword">for</span> user <span class="string">"openstack"</span> <span class="keyword">in</span> vhost <span class="string">"/"</span> ...</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;允许openstack用户可以配置，可以写，可以读</p>
<h2 id="6-增加identity-keystone介绍-controller"><a href="#6-增加identity-keystone介绍-controller" class="headerlink" title="6.增加identity - keystone介绍(controller)"></a>6.增加identity - keystone介绍(controller)</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;identity即keystone，它是openstack的验证中心，所有的服务都由它来认证。参考 <a href="https://hcldirgit.github.io/2017/08/19/OpenStack/3.%20keystone%E6%95%B4%E4%BD%93%E6%9E%B6%E6%9E%84%E4%B8%8E%E5%8A%9F%E8%83%BD/" target="_blank" rel="external">openstack keystone整体架构与功能</a></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;在keyston中有以下角色：tenants(租户或项目)、用户、角色、服务目录和端点</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;如果把宾馆比作为Tenant，住宿的人就是User ，宾馆可以提供多种诸如住宿、娱乐、饮食等多种服务（Service），具体来说，住宿是一种具体的服务（Endpoint）。就住宿而言，有普通间和总统套房，如果你的VIP等级（Role）高，你可以享受到豪华的总统套房。入住前，我们需要拿身份证开房（Credential），认证身份证不是冒牌货后  （Authenticaiton），会给你一个房卡（Token），然后你拿着房卡，就可以进入房间和享受各种服务。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;以创建一个虚拟机（server）为例，keystone在openstack的访问流程大致如下：</p>
<p>1). 用户Alice通过自己的户名和密码向keystone申请token，keystone认证用户名和密码后，返回token1</p>
<p>2). Alice通过token1发送keystone查询他所拥有的租户，keystone验证token1成功后，返回Alice的所有Tenant</p>
<p>3). Alice选择一个租户，通过用户名和密码申请token，keystone认证用户名、密码、tenant后，返回token2。（其实1、2步仅仅是为了查询tenant，如果已经知道tenant，可以忽略1、2步）</p>
<p>4). Alice通过token2发送创建server的请求，keystone验证token2(包括该token是否有效，是否有权限创建虚拟机等)成功后，然后再把请求下发到nova，最终创建虚拟机</p>
<h2 id="7-增加identity-前期准备-controller"><a href="#7-增加identity-前期准备-controller" class="headerlink" title="7.增加identity - 前期准备(controller)"></a>7.增加identity - 前期准备(controller)</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;登陆mysql，创建数据库 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">MariaDB [(none)]&gt; create database keystone;</div><div class="line">Query OK, 1 row affected (0.00 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON keystone.* TO <span class="string">'keystone'</span>@<span class="string">'localhost'</span> IDENTIFIED BY <span class="string">'f6zx0gURv'</span>;</div><div class="line">Query OK, 0 rows affected (0.00 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON keystone.* TO <span class="string">'keystone'</span>@<span class="string">'%'</span> IDENTIFIED BY <span class="string">'f6zx0gURv'</span>; </div><div class="line">Query OK, 0 rows affected (0.00 sec)</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;说明，创建一个keystone库，并且授权给keystone用户所有权限，密码为f6zx0gURv</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装相关的包</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动memcached服务 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable memcached.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.</div><div class="line">[root@controller ~]<span class="comment"># systemctl start memcached.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑keystone配置文件 /etc/keystone/keystone.conf 修改或增加配置如下</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/keystone/keystone.conf</span></div><div class="line">``` </div><div class="line"></div><div class="line">```bash</div><div class="line">[DEFAULT]</div><div class="line">admin_token = 3qiVpzU2x</div><div class="line">verbose = <span class="literal">true</span></div><div class="line">[database]</div><div class="line">connection = mysql://keystone:f6zx0gURv@controller/keystone</div><div class="line">[memcache]</div><div class="line">servers = localhost:11211</div><div class="line">[token]</div><div class="line">provider = uuid</div><div class="line">driver = memcache</div><div class="line">[revoke]</div><div class="line">driver = sql</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/14.png?raw=true" alt="14"><figcaption class="figure__caption">14</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/15.png?raw=true" alt="15"><figcaption class="figure__caption">15</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/16.png?raw=true" alt="16"><figcaption class="figure__caption">16</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/17.png?raw=true" alt="17"><figcaption class="figure__caption">17</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/18.png?raw=true" alt="18"><figcaption class="figure__caption">18</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;导入keystone相关的数据</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># su -s /bin/sh -c "keystone-manage db_sync" keystone</span></div><div class="line">No handlers could be found <span class="keyword">for</span> logger <span class="string">"oslo_config.cfg"</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;这里会有个提示  No handlers could be found for logger “oslo_config.cfg”  忽略它，不影响</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;检查有没有正常导入数据：</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div><div class="line">MariaDB [(none)]&gt; use keystone;</div><div class="line">Reading table information <span class="keyword">for</span> completion of table and column names</div><div class="line">You can turn off this feature to get a quicker startup with -A</div><div class="line"></div><div class="line">Database changed</div><div class="line">MariaDB [keystone]&gt; show tables;</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;或者</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -ukeystone -pf6zx0gURv -hcontroller -t keystone -e "show tables"</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;看是否有列出表来，如果是空，说明没有成功导入数据</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置apache</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;先编辑配置文件 /etc/httpd/conf/httpd.conf</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/httpd/conf/httpd.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加或更改 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">ServerName controller</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/19.png?raw=true" alt="19"><figcaption class="figure__caption">19</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件  vim /etc/httpd/conf.d/wsgi-keystone.conf  内容如下</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/httpd/conf.d/wsgi-keystone.conf</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div><div class="line">38</div><div class="line">39</div><div class="line">40</div><div class="line">41</div><div class="line">42</div><div class="line">43</div><div class="line">44</div></pre></td><td class="code"><pre><div class="line"> Listen 5000</div><div class="line"> Listen 35357</div><div class="line"> &lt;VirtualHost *:5000&gt;</div><div class="line"> WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%&#123;GROUP&#125;</div><div class="line"> WSGIProcessGroup keystone-public</div><div class="line"> WSGIScriptAlias / /usr/bin/keystone-wsgi-public</div><div class="line"> WSGIApplicationGroup %&#123;GLOBAL&#125;</div><div class="line"> WSGIPassAuthorization On</div><div class="line"> &lt;IfVersion &gt;= 2.4&gt;</div><div class="line"> ErrorLogFormat <span class="string">"%&#123;cu&#125;t %M"</span></div><div class="line"> &lt;/IfVersion&gt;</div><div class="line"> ErrorLog /var/<span class="built_in">log</span>/httpd/keystone-error.log</div><div class="line"> CustomLog /var/<span class="built_in">log</span>/httpd/keystone-access.log combined</div><div class="line"> &lt;Directory /usr/bin&gt;</div><div class="line"> &lt;IfVersion &gt;= 2.4&gt;</div><div class="line"> Require all granted</div><div class="line"> &lt;/IfVersion&gt;</div><div class="line"> &lt;IfVersion &lt; 2.4&gt;</div><div class="line"> Order allow,deny</div><div class="line"> Allow from all</div><div class="line"> &lt;/IfVersion&gt;</div><div class="line"> &lt;/Directory&gt;</div><div class="line"> &lt;/VirtualHost&gt;</div><div class="line"> &lt;VirtualHost *:35357&gt;</div><div class="line"> WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%&#123;GROUP&#125;</div><div class="line"> WSGIProcessGroup keystone-admin</div><div class="line"> WSGIScriptAlias / /usr/bin/keystone-wsgi-admin</div><div class="line"> WSGIApplicationGroup %&#123;GLOBAL&#125;</div><div class="line"> WSGIPassAuthorization On</div><div class="line"> &lt;IfVersion &gt;= 2.4&gt;</div><div class="line"> ErrorLogFormat <span class="string">"%&#123;cu&#125;t %M"</span></div><div class="line"> &lt;/IfVersion&gt;</div><div class="line"> ErrorLog /var/<span class="built_in">log</span>/httpd/keystone-error.log</div><div class="line">CustomLog /var/<span class="built_in">log</span>/httpd/keystone-access.log combined</div><div class="line"> &lt;Directory /usr/bin&gt;</div><div class="line"> &lt;IfVersion &gt;= 2.4&gt;</div><div class="line"> Require all granted</div><div class="line"> &lt;/IfVersion&gt;</div><div class="line"> &lt;IfVersion &lt; 2.4&gt;</div><div class="line"> Order allow,deny</div><div class="line"> Allow from all</div><div class="line"> &lt;/IfVersion&gt;</div><div class="line"> &lt;/Directory&gt;</div><div class="line"> &lt;/VirtualHost</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动apache</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable httpd.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.</div><div class="line">[root@controller ~]<span class="comment"># systemctl start httpd.service</span></div></pre></td></tr></table></figure>
<h2 id="8-增加identity-创建服务实例-controller"><a href="#8-增加identity-创建服务实例-controller" class="headerlink" title="8.增加identity - 创建服务实例(controller)"></a>8.增加identity - 创建服务实例(controller)</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;首先设置环境变量：</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># export OS_TOKEN=3qiVpzU2x</span></div><div class="line">[root@controller ~]<span class="comment"># export OS_URL=http://controller:35357/v3</span></div><div class="line">[root@controller ~]<span class="comment"># export OS_IDENTITY_API_VERSION=3</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># echo $OS_TOKEN</span></div><div class="line">3qiVpzU2x</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;成功之后可以用命令查看密码</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;然后创建服务实例</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack service create --name keystone --description "OpenStack Identity" identity</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | OpenStack Identity               |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 798a1feefccb4e8d817fa96aa44bb26e |</div><div class="line">| name        | keystone                         |</div><div class="line">| <span class="built_in">type</span>        | identity                         |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建端点</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div><div class="line">38</div><div class="line">39</div><div class="line">40</div><div class="line">41</div><div class="line">42</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne identity public http://controller:5000/v2.0</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | 3d6e544e7e3e4844aef5c699e4841771 |</div><div class="line">| interface    | public                           |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 798a1feefccb4e8d817fa96aa44bb26e |</div><div class="line">| service_name | keystone                         |</div><div class="line">| service_type | identity                         |</div><div class="line">| url          | http://controller:5000/v2.0      |</div><div class="line">+--------------+----------------------------------+</div><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne identity internal http://controller:5000/v2.0</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | 38d5f56bba0f40b6a312dfd3a55b5275 |</div><div class="line">| interface    | internal                         |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 798a1feefccb4e8d817fa96aa44bb26e |</div><div class="line">| service_name | keystone                         |</div><div class="line">| service_type | identity                         |</div><div class="line">| url          | http://controller:5000/v2.0      |</div><div class="line">+--------------+----------------------------------+</div><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne identity admin http://controller:35357/v2.0</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | fc20fb651f844827be6b519cdb961c09 |</div><div class="line">| interface    | admin                            |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 798a1feefccb4e8d817fa96aa44bb26e |</div><div class="line">| service_name | keystone                         |</div><div class="line">| service_type | identity                         |</div><div class="line">| url          | http://controller:35357/v2.0     |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建租户（tenants）、用户以及角色</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建admin 租户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack project create --domain default --description "Admin Project" admin</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | Admin Project                    |</div><div class="line">| domain_id   | default                          |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 6a1d53e8e3b04b8bb83d19e92092ea38 |</div><div class="line">| is_domain   | False                            |</div><div class="line">| name        | admin                            |</div><div class="line">| parent_id   | None                             |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建admin用户 （密码为3qiVpzU2x）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack user create --domain default --password-prompt admin</span></div><div class="line">User Password:</div><div class="line">Repeat User Password:</div><div class="line">+-----------+----------------------------------+</div><div class="line">| Field     | Value                            |</div><div class="line">+-----------+----------------------------------+</div><div class="line">| domain_id | default                          |</div><div class="line">| enabled   | True                             |</div><div class="line">| id        | 5d580681150c4814a33b53367f3ca453 |</div><div class="line">| name      | admin                            |</div><div class="line">+-----------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建admin角色</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role create admin</span></div><div class="line">+-------+----------------------------------+</div><div class="line">| Field | Value                            |</div><div class="line">+-------+----------------------------------+</div><div class="line">| id    | 45d56dc92dc84001932949aa9391ac05 |</div><div class="line">| name  | admin                            |</div><div class="line">+-------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;添加admin角色到admin租户和用户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role add --project admin --user admin admin</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;下面我们再来创建一个service 租户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack project create --domain default --description "Service Project" service</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | Service Project                  |</div><div class="line">| domain_id   | default                          |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | ad59d222484e4c9381d46322a8f34ebe |</div><div class="line">| is_domain   | False                            |</div><div class="line">| name        | service                          |</div><div class="line">| parent_id   | None                             |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建demo租户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack project create --domain default --description "Demo Project" demo</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | Demo Project                     |</div><div class="line">| domain_id   | default                          |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 003e738c4cc848d2b3d19c63a69169e1 |</div><div class="line">| is_domain   | False                            |</div><div class="line">| name        | demo                             |</div><div class="line">| parent_id   | None                             |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建demo用户 （密码9TtbgaA1q）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack user create --domain default --password-prompt demo</span></div><div class="line">User Password:</div><div class="line">Repeat User Password:</div><div class="line">+-----------+----------------------------------+</div><div class="line">| Field     | Value                            |</div><div class="line">+-----------+----------------------------------+</div><div class="line">| domain_id | default                          |</div><div class="line">| enabled   | True                             |</div><div class="line">| id        | a4e31690c437446ab1fcfc68beef9b1c |</div><div class="line">| name      | demo                             |</div><div class="line">+-----------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建角色user</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role create user</span></div><div class="line">+-------+----------------------------------+</div><div class="line">| Field | Value                            |</div><div class="line">+-------+----------------------------------+</div><div class="line">| id    | b55d5c19857740239c9b2cca2e064359 |</div><div class="line">| name  | user                             |</div><div class="line">+-------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;添加user角色到demo租户和demo用户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role add --project demo --user demo user</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;验证admin用户和demo用户是否能正常登陆</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;首先做一个安全设置：</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /usr/share/keystone/keystone-dist-paste.ini</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;搜索admin_token_auth， 从[pipeline:public_api], [pipeline:admin_api]和[pipeline:api_v3]中，把admin_token_auth去掉，例如把</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/20.png?raw=true" alt="20"><figcaption class="figure__caption">20</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/21.png?raw=true" alt="21"><figcaption class="figure__caption">21</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/22.png?raw=true" alt="22"><figcaption class="figure__caption">22</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/23.png?raw=true" alt="23"><figcaption class="figure__caption">23</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/24.png?raw=true" alt="24"><figcaption class="figure__caption">24</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/25.png?raw=true" alt="25"><figcaption class="figure__caption">25</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;取消环境变量OS_TOKEN和OS_URL</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># unset OS_TOKEN OS_URL</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;然后再登陆admin和demo用户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password token issue</span></div><div class="line">Password: </div><div class="line">+------------+----------------------------------+</div><div class="line">| Field      | Value                            |</div><div class="line">+------------+----------------------------------+</div><div class="line">| expires    | 2017-01-16T03:56:24.514931Z      |</div><div class="line">| id         | 3a9529d4a2b1446291d54ea764f67832 |</div><div class="line">| project_id | 6a1d53e8e3b04b8bb83d19e92092ea38 |</div><div class="line">| user_id    | 5d580681150c4814a33b53367f3ca453 |</div><div class="line">+------------+----------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack --os-auth-url http://controller:5000/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name demo --os-username demo --os-auth-type password token issue</span></div><div class="line">Password: </div><div class="line">+------------+----------------------------------+</div><div class="line">| Field      | Value                            |</div><div class="line">+------------+----------------------------------+</div><div class="line">| expires    | 2017-01-16T03:58:00.066876Z      |</div><div class="line">| id         | 8712ff834d954a1c9ed30c4d45902d99 |</div><div class="line">| project_id | 003e738c4cc848d2b3d19c63a69169e1 |</div><div class="line">| user_id    | a4e31690c437446ab1fcfc68beef9b1c |</div><div class="line">+------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建openstack客户端脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;内容</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line"><span class="built_in">export</span> OS_PROJECT_DOMAIN_ID=default</div><div class="line"><span class="built_in">export</span> OS_USER_DOMAIN_ID=default</div><div class="line"><span class="built_in">export</span> OS_PROJECT_NAME=admin</div><div class="line"><span class="built_in">export</span> OS_TENANT_NAME=admin</div><div class="line"><span class="built_in">export</span> OS_USERNAME=admin</div><div class="line"><span class="built_in">export</span> OS_PASSWORD=3qiVpzU2x</div><div class="line"><span class="built_in">export</span> OS_AUTH_URL=http://controller:35357/v3</div><div class="line"><span class="built_in">export</span> OS_IDENTITY_API_VERSION=3</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;申请认证令牌</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack token issue </span></div><div class="line">+------------+----------------------------------+</div><div class="line">| Field      | Value                            |</div><div class="line">+------------+----------------------------------+</div><div class="line">| expires    | 2017-01-16T04:16:18.542286Z      |</div><div class="line">| id         | 3e4ceb2f0c404e309b9ced709dfc61cd |</div><div class="line">| project_id | 6a1d53e8e3b04b8bb83d19e92092ea38 |</div><div class="line">| user_id    | 5d580681150c4814a33b53367f3ca453 |</div><div class="line">+------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建openstack客户端脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim demo-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;内容</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line"><span class="built_in">export</span> OS_PROJECT_DOMAIN_ID=default</div><div class="line"><span class="built_in">export</span> OS_USER_DOMAIN_ID=default</div><div class="line"><span class="built_in">export</span> OS_PROJECT_NAME=demo</div><div class="line"><span class="built_in">export</span> OS_TENANT_NAME=demo</div><div class="line"><span class="built_in">export</span> OS_USERNAME=demo</div><div class="line"><span class="built_in">export</span> OS_PASSWORD=9TtbgaA1q</div><div class="line"><span class="built_in">export</span> OS_AUTH_URL=http://controller:5000/v3</div><div class="line"><span class="built_in">export</span> OS_IDENTITY_API_VERSION=3</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source demo-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;申请认证令牌</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source demo-openrc.sh </span></div><div class="line">[root@controller ~]<span class="comment"># openstack token issue</span></div><div class="line">+------------+----------------------------------+</div><div class="line">| Field      | Value                            |</div><div class="line">+------------+----------------------------------+</div><div class="line">| expires    | 2017-01-16T04:16:33.929333Z      |</div><div class="line">| id         | b6010fc692754602a202354ca9efd475 |</div><div class="line">| project_id | 003e738c4cc848d2b3d19c63a69169e1 |</div><div class="line">| user_id    | a4e31690c437446ab1fcfc68beef9b1c |</div><div class="line">+------------+----------------------------------+</div></pre></td></tr></table></figure>
<h2 id="9-增加-glance-组件"><a href="#9-增加-glance-组件" class="headerlink" title="9.增加 glance 组件"></a>9.增加 glance 组件</h2><h3 id="增加image-前期准备-controller"><a href="#增加image-前期准备-controller" class="headerlink" title="增加image - 前期准备(controller)"></a>增加image - 前期准备(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;image又叫做glance，是用来管理镜像的一个组件，我们用镜像来安装操作系统。glance支持让用户自己管理自定义镜像。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建glance库和用户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">MariaDB [(none)]&gt; CREATE database glance;</div><div class="line">Query OK, 1 row affected (0.00 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON glance.* TO <span class="string">'glance'</span>@<span class="string">'localhost'</span> IDENTIFIED BY <span class="string">'Zznky4tP0'</span>;</div><div class="line">Query OK, 0 rows affected (0.01 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON glance.* TO <span class="string">'glance'</span>@<span class="string">'%'</span> IDENTIFIED BY <span class="string">'Zznky4tP0'</span>;</div><div class="line">Query OK, 0 rows affected (0.00 sec)</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行 admin-openrc.sh 脚本  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建glance用户（密码为hf8LX9bow）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack user create --domain default --password-prompt glance</span></div><div class="line">User Password:</div><div class="line">Repeat User Password:</div><div class="line">+-----------+----------------------------------+</div><div class="line">| Field     | Value                            |</div><div class="line">+-----------+----------------------------------+</div><div class="line">| domain_id | default                          |</div><div class="line">| enabled   | True                             |</div><div class="line">| id        | ccaa39f341a84ba28efbdc12858ab147 |</div><div class="line">| name      | glance                           |</div><div class="line">+-----------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;把admin角色添加到glance用户和service租户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role add --project service --user glance admin</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建glance服务实体</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack service create --name glance --description "OpenStack Image service" image</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | OpenStack Image service          |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 08b9dc2e841740b2bdeba8413aca368c |</div><div class="line">| name        | glance                           |</div><div class="line">| <span class="built_in">type</span>        | image                            |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建image服务api 端点</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne image public http://controller:9292</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | 82fdb35f5d974143852d294246a73d7f |</div><div class="line">| interface    | public                           |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 08b9dc2e841740b2bdeba8413aca368c |</div><div class="line">| service_name | glance                           |</div><div class="line">| service_type | image                            |</div><div class="line">| url          | http://controller:9292           |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne image internal http://controller:9292</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | 29fa12237cfe44f9b2304565edebd650 |</div><div class="line">| interface    | internal                         |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 08b9dc2e841740b2bdeba8413aca368c |</div><div class="line">| service_name | glance                           |</div><div class="line">| service_type | image                            |</div><div class="line">| url          | http://controller:9292           |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne image admin http://controller:9292</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | 4ca144efb4d74f628f7ba472e144a908 |</div><div class="line">| interface    | admin                            |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 08b9dc2e841740b2bdeba8413aca368c |</div><div class="line">| service_name | glance                           |</div><div class="line">| service_type | image                            |</div><div class="line">| url          | http://controller:9292           |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装包</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y openstack-glance python-glance python-glanceclient</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/glance/glance-api.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div></pre></td><td class="code"><pre><div class="line">[database]</div><div class="line">connection = mysql://glance:Zznky4tP0@controller/glance</div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = glance</div><div class="line">password = hf8LX9bow</div><div class="line"></div><div class="line">[paste_deploy]</div><div class="line">flavor = keystone</div><div class="line"></div><div class="line">[glance_store]</div><div class="line">default_store = file</div><div class="line">filesystem_store_datadir = /var/lib/glance/images/</div><div class="line"></div><div class="line">[DEFAULT]</div><div class="line">notificaction_driver = noop</div><div class="line">verbose=True</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/26.png?raw=true" alt="26"><figcaption class="figure__caption">26</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/27.png?raw=true" alt="27"><figcaption class="figure__caption">27</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/28.png?raw=true" alt="28"><figcaption class="figure__caption">28</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/29.png?raw=true" alt="29"><figcaption class="figure__caption">29</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/glance/glance-registry.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">notificaction_driver = noop</div><div class="line">verbose=True</div><div class="line"></div><div class="line">[database]</div><div class="line">connection = mysql://glance:Zznky4tP0@controller/glance</div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = glance</div><div class="line">password = hf8LX9bow</div><div class="line"></div><div class="line">[paste_deploy]</div><div class="line">flavor = keystone</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/30.png?raw=true" alt="30"><figcaption class="figure__caption">30</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/31.png?raw=true" alt="31"><figcaption class="figure__caption">31</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/32.png?raw=true" alt="32"><figcaption class="figure__caption">32</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/33.png?raw=true" alt="33"><figcaption class="figure__caption">33</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;同步glance数据库数据</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># su -s /bin/sh -c "glance-manage db_sync" glance</span></div><div class="line">No handlers could be found <span class="keyword">for</span> logger <span class="string">"oslo_config.cfg"</span></div><div class="line">/usr/lib64/python2.7/site-packages/sqlalchemy/engine/default.py:450: Warning: Duplicate index <span class="string">'ix_image_properties_image_id_name'</span> defined on the table <span class="string">'glance.image_properties'</span>. This is deprecated and will be disallowed <span class="keyword">in</span> a future release.</div><div class="line"> cursor.execute(statement, parameters)</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable openstack-glance-api.service openstack-glance-registry.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl start openstack-glance-api.service openstack-glance-registry.service</span></div></pre></td></tr></table></figure>
<h3 id="增加image-验证操作-controller"><a href="#增加image-验证操作-controller" class="headerlink" title="增加image - 验证操作(controller)"></a>增加image - 验证操作(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;(1) 添加环境变量</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># echo "export OS_IMAGE_API_VERSION=2" | tee -a admin-openrc.sh demo-openrc.sh</span></div><div class="line"><span class="built_in">export</span> OS_IMAGE_API_VERSION=2</div><div class="line">[root@controller ~]<span class="comment"># tail admin-openrc.sh </span></div><div class="line"><span class="meta">#!/bin/bash</span></div><div class="line"><span class="built_in">export</span> OS_PROJECT_DOMAIN_ID=default</div><div class="line"><span class="built_in">export</span> OS_USER_DOMAIN_ID=default</div><div class="line"><span class="built_in">export</span> OS_PROJECT_NAME=admin</div><div class="line"><span class="built_in">export</span> OS_TENANT_NAME=admin</div><div class="line"><span class="built_in">export</span> OS_USERNAME=admin</div><div class="line"><span class="built_in">export</span> OS_PASSWORD=3qiVpzU2x</div><div class="line"><span class="built_in">export</span> OS_AUTH_URL=http://controller:35357/v3</div><div class="line"><span class="built_in">export</span> OS_IDENTITY_API_VERSION=3</div><div class="line"><span class="built_in">export</span> OS_IMAGE_API_VERSION=2</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;(2) 执行admin-openrc.sh</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;（3）下载镜像</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;(4) 把刚刚下载的镜像上传到镜像服务中心</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># glance image-create --name "cirros" \</span></div><div class="line">&gt; --file cirros-0.3.4-x86_64-disk.img \</div><div class="line">&gt; --disk-format qcow2 --container-format bare \</div><div class="line">&gt; --visibility public --progress</div><div class="line">[=============================&gt;] 100%</div><div class="line">+------------------+--------------------------------------+</div><div class="line">| Property         | Value                                |</div><div class="line">+------------------+--------------------------------------+</div><div class="line">| checksum         | 617966a8b6bec61f9d7bcc442deae50d     |</div><div class="line">| container_format | bare                                 |</div><div class="line">| created_at       | 2017-01-16T04:46:14Z                 |</div><div class="line">| disk_format      | qcow2                                |</div><div class="line">| id               | 8def7abc-11f1-47d7-8449-bca9f26b1c6e |</div><div class="line">| min_disk         | 0                                    |</div><div class="line">| min_ram          | 0                                    |</div><div class="line">| name             | cirros                               |</div><div class="line">| owner            | 6a1d53e8e3b04b8bb83d19e92092ea38     |</div><div class="line">| protected        | False                                |</div><div class="line">| size             | 2102282                              |</div><div class="line">| status           | active                               |</div><div class="line">| tags             | []                                   |</div><div class="line">| updated_at       | 2017-01-16T04:46:15Z                 |</div><div class="line">| virtual_size     | None                                 |</div><div class="line">| visibility       | public                               |</div><div class="line">+------------------+--------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;然后我们可以在 /var/lib/glance/images/目录下看到一个文件，这个就是刚刚上传的镜像，你会发现这个文件的名字和id是一致的。</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># ls /var/lib/glance/images/8def7abc-11f1-47d7-8449-bca9f26b1c6e </span></div><div class="line">/var/lib/glance/images/8def7abc-11f1-47d7-8449-bca9f26b1c6e</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;使用命令  <strong>glance image-list</strong> 可以查看镜像列表</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># glance image-list</span></div><div class="line">+--------------------------------------+--------+</div><div class="line">| ID                                   | Name   |</div><div class="line">+--------------------------------------+--------+</div><div class="line">| 8def7abc-11f1-47d7-8449-bca9f26b1c6e | cirros |</div><div class="line">+--------------------------------------+--------+</div></pre></td></tr></table></figure>
<h2 id="10-增加-nova-组件"><a href="#10-增加-nova-组件" class="headerlink" title="10.增加 nova 组件"></a>10.增加 nova 组件</h2><h3 id="增加compute-前期准备-controller"><a href="#增加compute-前期准备-controller" class="headerlink" title="增加compute - 前期准备(controller)"></a>增加compute - 前期准备(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;compute又叫nova，是OpenStack中的计算组织控制器。OpenStack中实例（instances）生命周期的所有活动都由Nova处理。这样使得Nova成为一个负责管理计算资源、网络、认证、所需可扩展性的平台。但是，Nova自身并没有提供任何虚拟化能力，相反它使用libvirt API来与被支持的Hypervisors（kvm、xen、vmware等）交互。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建nova库，并创建nova用户 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">MariaDB [(none)]&gt; CREATE DATABASE nova;</div><div class="line">Query OK, 1 row affected (0.00 sec)</div><div class="line"></div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON nova.* TO <span class="string">'nova'</span>@<span class="string">'localhost'</span> IDENTIFIED BY <span class="string">'RYgv0rg7p'</span>; </div><div class="line">Query OK, 0 rows affected (0.05 sec)</div><div class="line"></div><div class="line">MariaDB [(none)]&gt; MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON nova.* TO <span class="string">'nova'</span>@<span class="string">'%'</span> IDENTIFIED BY <span class="string">'RYgv0rg7p'</span>;</div><div class="line">Query OK, 0 rows affected (0.00 sec)</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;初始化环境变量   </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建nova用户 密码为 hsSNsqc43  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack user create --domain default --password-prompt nova</span></div><div class="line">User Password:</div><div class="line">Repeat User Password:</div><div class="line">+-----------+----------------------------------+</div><div class="line">| Field     | Value                            |</div><div class="line">+-----------+----------------------------------+</div><div class="line">| domain_id | default                          |</div><div class="line">| enabled   | True                             |</div><div class="line">| id        | 43d1f84437414405a654b375a83c03ff |</div><div class="line">| name      | nova                             |</div><div class="line">+-----------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;添加admin角色到nova用户  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role add --project service --user nova admin</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建nova服务实例 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack service create --name nova --description "OpenStack Compute" compute</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | OpenStack Compute                |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 23c52463f4ee43798f0adf5b1ba6da93 |</div><div class="line">| name        | nova                             |</div><div class="line">| <span class="built_in">type</span>        | compute                          |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建api端点</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne compute public http://controller:8774/v2/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | d15accf37377409e82388e625440a066        |</div><div class="line">| interface    | public                                  |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | 23c52463f4ee43798f0adf5b1ba6da93        |</div><div class="line">| service_name | nova                                    |</div><div class="line">| service_type | compute                                 |</div><div class="line">| url          | http://controller:8774/v2/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne compute internal http://controller:8774/v2/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | 7cd1a5f1ecd84a96a1fea1bd50c29721        |</div><div class="line">| interface    | internal                                |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | 23c52463f4ee43798f0adf5b1ba6da93        |</div><div class="line">| service_name | nova                                    |</div><div class="line">| service_type | compute                                 |</div><div class="line">| url          | http://controller:8774/v2/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne compute admin http://controller:8774/v2/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | bf598c8a131143b4aecedd21a9ffd345        |</div><div class="line">| interface    | admin                                   |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | 23c52463f4ee43798f0adf5b1ba6da93        |</div><div class="line">| service_name | nova                                    |</div><div class="line">| service_type | compute                                 |</div><div class="line">| url          | http://controller:8774/v2/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y openstack-nova-api openstack-nova-cert openstack-nova-conductor openstack-nova-console \</span></div><div class="line">&gt; openstack-nova-novncproxy openstack-nova-scheduler python-novaclient</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/nova/nova.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加配置</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div><div class="line">38</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">rpc_backend=rabbit</div><div class="line">my_ip=192.168.16.111</div><div class="line">auth_strategy=keystone</div><div class="line">network_api_class = nova.network.neutronv2.api.API</div><div class="line">security_group_api = neutron</div><div class="line">linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver</div><div class="line">firewall_driver = nova.virt.firewall.NoopFirewallDriver</div><div class="line">enabled_apis=osapi_compute,metadata</div><div class="line">verbose=<span class="literal">true</span></div><div class="line"></div><div class="line">[database]</div><div class="line">connection = mysql://nova:RYgv0rg7p@controller/nova</div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = nova</div><div class="line">password = hsSNsqc43</div><div class="line"></div><div class="line">[oslo_messaging_rabbit]</div><div class="line">rabbit_host = controller</div><div class="line">rabbit_userid = openstack</div><div class="line">rabbit_password = o3NXovnz5</div><div class="line"></div><div class="line">[vnc]</div><div class="line">vncserver_listen = <span class="variable">$my_ip</span></div><div class="line">vncserver_proxyclient_address = <span class="variable">$my_ip</span></div><div class="line"></div><div class="line">[glance]</div><div class="line">host = controller</div><div class="line"></div><div class="line">[oslo_concurrency]</div><div class="line">lock_path = /var/lib/nova/tmp</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/34.png?raw=true" alt="34"><figcaption class="figure__caption">34</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/35.png?raw=true" alt="35"><figcaption class="figure__caption">35</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/36.png?raw=true" alt="36"><figcaption class="figure__caption">36</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/37.png?raw=true" alt="37"><figcaption class="figure__caption">37</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/38.png?raw=true" alt="38"><figcaption class="figure__caption">38</figcaption></figure></p>
<blockquote>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/master/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/39.png?raw=true" alt="39"><figcaption class="figure__caption">39</figcaption></figure></p>
</blockquote>
<h1 id=""><a href="#" class="headerlink" title=""></a><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/40.png?raw=true" alt="40"><figcaption class="figure__caption">40</figcaption></figure></h1><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;同步数据创建nova库</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># su -s /bin/sh -c "nova-manage db sync" nova</span></div><div class="line">No handlers could be found <span class="keyword">for</span> logger <span class="string">"oslo_config.cfg"</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable openstack-nova-api.service \</span></div><div class="line">&gt; openstack-nova-cert.service openstack-nova-consoleauth.service \</div><div class="line">&gt; openstack-nova-scheduler.service openstack-nova-conductor.service \</div><div class="line">&gt; openstack-nova-novncproxy.service</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-api.service to /usr/lib/systemd/system/openstack-nova-api.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-cert.service to /usr/lib/systemd/system/openstack-nova-cert.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service to /usr/lib/systemd/system/openstack-nova-consoleauth.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service to /usr/lib/systemd/system/openstack-nova-scheduler.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service to /usr/lib/systemd/system/openstack-nova-conductor.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service to /usr/lib/systemd/system/openstack-nova-novncproxy.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl start openstack-nova-api.service \</span></div><div class="line">&gt; openstack-nova-cert.service openstack-nova-consoleauth.service \</div><div class="line">&gt; openstack-nova-scheduler.service openstack-nova-conductor.service \</div><div class="line">&gt; openstack-nova-novncproxy.service</div></pre></td></tr></table></figure>
<h2 id="11-增加-nova-组件"><a href="#11-增加-nova-组件" class="headerlink" title="11.增加 nova 组件"></a>11.增加 nova 组件</h2><h3 id="增加compute-安装包并配置-compute"><a href="#增加compute-安装包并配置-compute" class="headerlink" title="增加compute - 安装包并配置(compute)"></a>增加compute - 安装包并配置(compute)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装nova-compute包 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># yum install -y openstack-nova-compute sysfsutils</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/nova/nova.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加如下配置</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">rpc_backend = rabbit</div><div class="line">auth_strategy = keystone</div><div class="line">my_ip = 192.168.16.112</div><div class="line">network_api_class = nova.network.neutronv2.api.API</div><div class="line">security_group_api = neutron</div><div class="line">linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver</div><div class="line">firewall_driver = nova.virt.firewall.NoopFirewallDriver</div><div class="line">verbose=<span class="literal">true</span></div><div class="line"> </div><div class="line">[oslo_messaging_rabbit]</div><div class="line">rabbit_host = controller</div><div class="line">rabbit_userid = openstack</div><div class="line">rabbit_password = o3NXovnz5</div><div class="line"> </div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = nova</div><div class="line">password = hsSNsqc43</div><div class="line"> </div><div class="line">[vnc]</div><div class="line">enabled = True</div><div class="line">vncserver_listen = 0.0.0.0</div><div class="line">vncserver_proxyclient_address = <span class="variable">$my_ip</span></div><div class="line">novncproxy_base_url = http://controller:6080/vnc_auto.html</div><div class="line"> </div><div class="line">[glance]</div><div class="line">host = controller</div><div class="line"> </div><div class="line">[oslo_concurrency]</div><div class="line">lock_path = /var/lib/nova/tmp</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/41.png?raw=true" alt="41"><figcaption class="figure__caption">41</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/42.png?raw=true" alt="42"><figcaption class="figure__caption">42</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/43.png?raw=true" alt="43"><figcaption class="figure__caption">43</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/44.png?raw=true" alt="44"><figcaption class="figure__caption">44</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/45.png?raw=true" alt="45"><figcaption class="figure__caption">45</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/46.png?raw=true" alt="46"><figcaption class="figure__caption">46</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;使用如下命令检查你的机器cpu是否支持虚拟化</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># egrep -c '(vmx|svm)' /proc/cpuinfo</span></div><div class="line">2</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;如果得到的数字大于0，说明是支持的，否则说明不支持，若为0，需要编辑配置文件，不等于0就不用编辑配置</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/nova/nova.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[libvirt]</div><div class="line">virt_type = qemu</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl enable libvirtd.service openstack-nova-compute.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl start libvirtd.service openstack-nova-compute.service</span></div></pre></td></tr></table></figure>
<h3 id="增加compute-验证操作-controller"><a href="#增加compute-验证操作-controller" class="headerlink" title="增加compute - 验证操作(controller)"></a>增加compute - 验证操作(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出服务组件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova service-list</span></div><div class="line">+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+</div><div class="line">| Id | Binary           | Host       | Zone     | Status  | State | Updated_at                 | Disabled Reason |</div><div class="line">+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+</div><div class="line">| 1  | nova-consoleauth | controller | internal | enabled | up | 2017-01-17T04:53:08.000000    | -               |</div><div class="line">| 2  | nova-cert        | controller | internal | enabled | up | 2017-01-17T04:53:10.000000    | -               |</div><div class="line">| 3  | nova-conductor   | controller | internal | enabled | up | 2017-01-17T04:53:10.000000    | -               |</div><div class="line">| 4  | nova-scheduler   | controller | internal | enabled | up | 2017-01-17T04:53:10.000000    | -               |</div><div class="line">| 5  | nova-compute     | compute    | nova     | enabled | up | 2017-01-17T04:53:11.000000    | -               |</div><div class="line">+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;共有5个：nova-consoleauth nova-conductor nova-scheduler nova-cert nova-compute</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出api端点，一共有9组： nova三组，glance三组，keystone三组</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova endpoints</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;如果有提示</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">WARNING: nova has no endpoint <span class="keyword">in</span> ! Available endpoints <span class="keyword">for</span> this service:</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;可以忽略掉，也可以编辑  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加一行 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line"><span class="built_in">export</span> OS_REGION_NAME=RegionOne</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出镜像</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova image-list</span></div></pre></td></tr></table></figure>
<h2 id="12-增加-neutron-组件"><a href="#12-增加-neutron-组件" class="headerlink" title="12.增加 neutron 组件"></a>12.增加 neutron 组件</h2><h3 id="增加Networking-前期准备-controller"><a href="#增加Networking-前期准备-controller" class="headerlink" title="增加Networking - 前期准备(controller)"></a>增加Networking - 前期准备(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;Networking又叫做Neutron，是Openstack必不可少的组件，它其实是网络虚拟化的实现工具，可以让我们模拟出路由器、交换机、网卡等网络设备。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;关于Neutron的电子书 <a href="https://yeasy.gitbooks.io/openstack_understand_neutron/content/" target="_blank" rel="external">深入理解 Neutron – OpenStack 网络实现</a></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;Neutron支持两种网络模式，第一种是非常简单的网络架构，它仅支持是让实例连接外网，不支持自定义网络、路由器以及浮动ip。只有管理员或者授权的用户有权限去管理网络。第二种网络功能比较强大，支持自定义网络管理，支持自建路由器并且也支持浮动ip。即使没有授权的用户也可以管理网络，支持用户自己配置和管理。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建库、授权账号 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">MariaDB [(none)]&gt; CREATE DATABASE neutron;</div><div class="line">Query OK, 1 row affected (0.00 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON neutron.* TO <span class="string">'neutron'</span>@<span class="string">'localhost'</span> IDENTIFIED BY <span class="string">'quidyOC50'</span>;</div><div class="line">Query OK, 0 rows affected (0.03 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON neutron.* TO <span class="string">'neutron'</span>@<span class="string">'%'</span> IDENTIFIED BY <span class="string">'quidyOC50'</span>;</div><div class="line">Query OK, 0 rows affected (0.00 sec)</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行脚本 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建neutron用户（密码为mdcGVl29i）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack user create --domain default --password-prompt neutron</span></div><div class="line">User Password:</div><div class="line">Repeat User Password:</div><div class="line">+-----------+----------------------------------+</div><div class="line">| Field     | Value                            |</div><div class="line">+-----------+----------------------------------+</div><div class="line">| domain_id | default                          |</div><div class="line">| enabled   | True                             |</div><div class="line">| id        | 36a6f48840294e71970f5d13af7325f6 |</div><div class="line">| name      | neutron                          |</div><div class="line">+-----------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;把admin角色添加到neutron用户里  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role add --project service --user neutron admin</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建neutron实例</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack service create --name neutron --description "OpenStack Networking" network</span></div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | OpenStack Networking             |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 27e0015e24654eb7bc06569ca10046b5 |</div><div class="line">| name        | neutron                          |</div><div class="line">| <span class="built_in">type</span>        | network                          |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建networking服务api终端</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne network public http://controller:9696</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | c46e6aaffb6d4de09a995168f6c05b5b |</div><div class="line">| interface    | public                           |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 27e0015e24654eb7bc06569ca10046b5 |</div><div class="line">| service_name | neutron                          |</div><div class="line">| service_type | network                          |</div><div class="line">| url          | http://controller:9696           |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne network internal http://controller:9696</span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | 41fa137019f940a98fbe027caadf5b96 |</div><div class="line">| interface    | internal                         |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 27e0015e24654eb7bc06569ca10046b5 |</div><div class="line">| service_name | neutron                          |</div><div class="line">| service_type | network                          |</div><div class="line">| url          | http://controller:9696           |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne network admin http://controller:9696 </span></div><div class="line">+--------------+----------------------------------+</div><div class="line">| Field        | Value                            |</div><div class="line">+--------------+----------------------------------+</div><div class="line">| enabled      | True                             |</div><div class="line">| id           | cab01468677d44258344b56b797e862a |</div><div class="line">| interface    | admin                            |</div><div class="line">| region       | RegionOne                        |</div><div class="line">| region_id    | RegionOne                        |</div><div class="line">| service_id   | 27e0015e24654eb7bc06569ca10046b5 |</div><div class="line">| service_name | neutron                          |</div><div class="line">| service_type | network                          |</div><div class="line">| url          | http://controller:9696           |</div><div class="line">+--------------+----------------------------------+</div></pre></td></tr></table></figure>
<h3 id="增加Networking-配置-controller"><a href="#增加Networking-配置-controller" class="headerlink" title="增加Networking - 配置(controller)"></a>增加Networking - 配置(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装组件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install openstack-neutron openstack-neutron-ml2 \</span></div><div class="line">&gt; openstack-neutron-linuxbridge python-neutronclient ebtables ipset</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置服务端组件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/neutron/neutron.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div><div class="line">38</div><div class="line">39</div><div class="line">40</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">core_plugin = ml2</div><div class="line">service_plugins =</div><div class="line">rpc_backend = rabbit</div><div class="line">auth_strategy = keystone</div><div class="line">notify_nova_on_port_status_changes = True</div><div class="line">notify_nova_on_port_data_changes = True</div><div class="line">nova_url = http://controller:8774/v2</div><div class="line">verbose = True</div><div class="line"></div><div class="line">[database]</div><div class="line">connection = mysql://neutron:quidyOC50@controller/neutron</div><div class="line"></div><div class="line">[oslo_messaging_rabbit]</div><div class="line">rabbit_host = controller</div><div class="line">rabbit_userid = openstack</div><div class="line">rabbit_password = o3NXovnz5</div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = neutron</div><div class="line">password = mdcGVl29i</div><div class="line"></div><div class="line">[nova]</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">region_name = RegionOne</div><div class="line">project_name = service</div><div class="line">username = nova</div><div class="line">password = hsSNsqc43</div><div class="line"></div><div class="line">[oslo_concurrency]</div><div class="line">lock_path = /var/lib/neutron/tmp</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/47.png?raw=true" alt="47"><figcaption class="figure__caption">47</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/48.png?raw=true" alt="48"><figcaption class="figure__caption">48</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/49.png?raw=true" alt="49"><figcaption class="figure__caption">49</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/50.png?raw=true" alt="50"><figcaption class="figure__caption">50</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/51.png?raw=true" alt="51"><figcaption class="figure__caption">51</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/52.png?raw=true" alt="52"><figcaption class="figure__caption">52</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置ml2 插件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/neutron/plugins/ml2/ml2_conf.ini</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[ml2]</div><div class="line">type_drivers = flat,vlan</div><div class="line">tenant_network_types =</div><div class="line">mechanism_drivers = linuxbridge</div><div class="line">extension_drivers = port_security</div><div class="line"></div><div class="line">[ml2_type_flat]</div><div class="line">flat_networks = public</div><div class="line"></div><div class="line">[securitygroup]</div><div class="line">enable_ipset = True</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/53.png?raw=true" alt="53"><figcaption class="figure__caption">53</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/54.png?raw=true" alt="54"><figcaption class="figure__caption">54</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/55.png?raw=true" alt="55"><figcaption class="figure__caption">55</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑linux桥接agent</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加或更改</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div></pre></td><td class="code"><pre><div class="line">[linux_bridge]</div><div class="line">physical_interface_mappings = public:ens33</div><div class="line"></div><div class="line">[vxlan]</div><div class="line">enable_vxlan = False</div><div class="line"></div><div class="line">[agent]</div><div class="line">prevent_arp_spoofing = True</div><div class="line"></div><div class="line">[securitygroup]</div><div class="line">enable_security_group = True</div><div class="line">firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/56.png?raw=true" alt="56"><figcaption class="figure__caption">56</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/57.png?raw=true" alt="57"><figcaption class="figure__caption">57</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/58.png?raw=true" alt="58"><figcaption class="figure__caption">58</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/59.png?raw=true" alt="59"><figcaption class="figure__caption">59</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置dhcp agent</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/neutron/dhcp_agent.ini</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加或更改</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver</div><div class="line">dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq</div><div class="line">enable_isolated_metadata = True</div><div class="line">verbose = True</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/60.png?raw=true" alt="60"><figcaption class="figure__caption">60</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/neutron/metadata_agent.ini</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_region = RegionOne</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = neutron</div><div class="line">password = mdcGVl29i</div><div class="line">nova_metadata_ip = controller</div><div class="line">metadata_proxy_shared_secret = m8uhmQTu2</div><div class="line">verbose = True</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/61.png?raw=true" alt="61"><figcaption class="figure__caption">61</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;说明：需要删除掉配置文件里原有的 auth_url   auth_region admin_tenant_name  admin_user  admin_password</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/nova/nova.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或添加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div></pre></td><td class="code"><pre><div class="line">[neutron]</div><div class="line">url = http://controller:9696</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">region_name = RegionOne</div><div class="line">project_name = service</div><div class="line">username = neutron</div><div class="line">password = mdcGVl29i</div><div class="line"></div><div class="line">service_metadata_proxy = True</div><div class="line">metadata_proxy_shared_secret = m8uhmQTu2</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/62.png?raw=true" alt="62"><figcaption class="figure__caption">62</figcaption></figure></p>
<h3 id="增加Networking-启动服务-controller"><a href="#增加Networking-启动服务-controller" class="headerlink" title="增加Networking - 启动服务(controller)"></a>增加Networking - 启动服务(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建ml2插件配置文件创建软连接</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;生成数据</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \</span></div><div class="line">&gt; --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head<span class="string">" neutron</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;重启compute api服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl restart openstack-nova-api.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable neutron-server.service \</span></div><div class="line">&gt; neutron-linuxbridge-agent.service neutron-dhcp-agent.service \</div><div class="line">&gt; neutron-metadata-agent.service</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl start neutron-server.service \</span></div><div class="line">&gt; neutron-linuxbridge-agent.service neutron-dhcp-agent.service \</div><div class="line">&gt; neutron-metadata-agent.service</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable neutron-l3-agent.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-l3-agent.service to /usr/lib/systemd/system/neutron-l3-agent.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl start neutron-l3-agent.service</span></div></pre></td></tr></table></figure>
<h3 id="增加Networking-配置compute节点-compute"><a href="#增加Networking-配置compute节点-compute" class="headerlink" title="增加Networking - 配置compute节点(compute)"></a>增加Networking - 配置compute节点(compute)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装组件 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># yum install -y openstack-neutron openstack-neutron-linuxbridge ebtables ipset</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置普通组件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/neutron/neutron.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">rpc_backend = rabbit</div><div class="line">auth_strategy = keystone</div><div class="line">verbose = True</div><div class="line"></div><div class="line">[oslo_messaging_rabbit]</div><div class="line">rabbit_host = controller</div><div class="line">rabbit_userid = openstack</div><div class="line">rabbit_password = o3NXovnz5</div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = neutron</div><div class="line">password = mdcGVl29i</div><div class="line"></div><div class="line">[oslo_concurrency]</div><div class="line">lock_path = /var/lib/neutron/tmp</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/63.png?raw=true" alt="63"><figcaption class="figure__caption">63</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/64.png?raw=true" alt="64"><figcaption class="figure__caption">64</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/65.png?raw=true" alt="65"><figcaption class="figure__caption">65</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/66.png?raw=true" alt="66"><figcaption class="figure__caption">66</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置linux桥接agent</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div></pre></td><td class="code"><pre><div class="line">[linux_bridge]</div><div class="line">physical_interface_mappings = public:ens33</div><div class="line"></div><div class="line">[vxlan]</div><div class="line">enable_vxlan = False</div><div class="line"></div><div class="line">[agent]</div><div class="line">prevent_arp_spoofing = True</div><div class="line"></div><div class="line">[securitygroup]</div><div class="line">enable_security_group = True</div><div class="line">firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/67.png?raw=true" alt="67"><figcaption class="figure__caption">67</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/68.png?raw=true" alt="68"><figcaption class="figure__caption">68</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/69.png?raw=true" alt="69"><figcaption class="figure__caption">69</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/70.png?raw=true" alt="70"><figcaption class="figure__caption">70</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置compute使用网络</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/nova/nova.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div></pre></td><td class="code"><pre><div class="line">[neutron]</div><div class="line">url = http://controller:9696</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">region_name = RegionOne</div><div class="line">project_name = service</div><div class="line">username = neutron</div><div class="line">password = mdcGVl29i</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/71.png?raw=*true*" alt="71"><figcaption class="figure__caption">71</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl restart openstack-nova-compute.service</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl enable neutron-linuxbridge-agent.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl start neutron-linuxbridge-agent.service</span></div></pre></td></tr></table></figure>
<h3 id="增加Networking-验证配置-controller"><a href="#增加Networking-验证配置-controller" class="headerlink" title="增加Networking - 验证配置(controller)"></a>增加Networking - 验证配置(controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行环境变量脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出所有的扩展</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># neutron ext-list</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出所有agent</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># neutron agent-list</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;agent type如下：</p>
<ul>
<li>Linux bridge agent</li>
<li>Linux bridge agent</li>
<li>DHCP agent</li>
<li>Metadata agent</li>
</ul>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;必须要有4个，否则说明上面的某个步骤配置有问题。</p>
<h2 id="13-增加-dashboard-组件"><a href="#13-增加-dashboard-组件" class="headerlink" title="13.增加 dashboard 组件"></a>13.增加 dashboard 组件</h2><h3 id="增加dashboard-horizon-controller"><a href="#增加dashboard-horizon-controller" class="headerlink" title="增加dashboard  - horizon (controller)"></a>增加dashboard  - horizon (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装包</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y openstack-dashboard</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/openstack-dashboard/local_settings</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">OPENSTACK_HOST = <span class="string">"controller"</span></div><div class="line">ALLOWED_HOSTS = [<span class="string">'*'</span>, ]</div><div class="line">CACHES = &#123;</div><div class="line"><span class="string">'default'</span>: &#123;</div><div class="line"><span class="string">'BACKEND'</span>: <span class="string">'django.core.cache.backends.locmem.LocMemCache'</span>,</div><div class="line"><span class="string">'LOCATION'</span>: <span class="string">'127.0.0.1:11211'</span>,</div><div class="line">&#125; &#125;</div><div class="line">OPENSTACK_KEYSTONE_DEFAULT_ROLE = <span class="string">"user"</span></div><div class="line">OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True</div><div class="line">OPENSTACK_API_VERSIONS = &#123;</div><div class="line"><span class="string">"identity"</span>: 3,</div><div class="line"><span class="string">"volume"</span>: 2,</div><div class="line">&#125;</div><div class="line">TIME_ZONE = <span class="string">"Asia/Chongqing"</span></div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/72.png?raw=true" alt="72"><figcaption class="figure__caption">72</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/73.png?raw=true" alt="73"><figcaption class="figure__caption">73</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/74.png?raw=true" alt="74"><figcaption class="figure__caption">74</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/75.png?raw=true" alt="75"><figcaption class="figure__caption">75</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/76.png?raw=true" alt="76"><figcaption class="figure__caption">76</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/77.png?raw=true" alt="77"><figcaption class="figure__caption">77</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/78.png?raw=true" alt="78"><figcaption class="figure__caption">78</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/79.png?raw=true" alt="79"><figcaption class="figure__caption">79</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/80.png?raw=true" alt="80"><figcaption class="figure__caption">80</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/81.png?raw=true" alt="81"><figcaption class="figure__caption">81</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/82.png?raw=true" alt="82"><figcaption class="figure__caption">82</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/83.png?raw=true" alt="83"><figcaption class="figure__caption">83</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/84.png?raw=true" alt="84"><figcaption class="figure__caption">84</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;改为</p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/85.png?raw=true" alt="85"><figcaption class="figure__caption">85</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;重启服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl restart httpd.service memcached.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;此时可以去访问了 <a href="http://controller/dashboard" target="_blank" rel="external">http://controller/dashboard</a>   使用账号admin或者demon用户登陆即可，域为default</p>
<h2 id="14-增加-cinder-组件"><a href="#14-增加-cinder-组件" class="headerlink" title="14.增加 cinder 组件"></a>14.增加 cinder 组件</h2><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加block storage - 前期准备 (controller)</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;block storage又叫做cinder，用来给openstack提供存储服务，比如我们在阿里云购买一台云主机，同时想购买容量大的磁盘，通常叫做云盘，这个云盘就是block storage。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建库并授权cinder用户</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># mysql -uroot -ptn1Pi6Ytm</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">MariaDB [(none)]&gt; CREATE DATABASE cinder;</div><div class="line">Query OK, 1 row affected (0.00 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON cinder.* TO <span class="string">'cinder'</span>@<span class="string">'localhost'</span> IDENTIFIED BY <span class="string">'O3bwbpoZ3'</span>; </div><div class="line">Query OK, 0 rows affected (0.01 sec)</div><div class="line"> </div><div class="line">MariaDB [(none)]&gt; GRANT ALL PRIVILEGES ON cinder.* TO <span class="string">'cinder'</span>@<span class="string">'%'</span> IDENTIFIED BY <span class="string">'O3bwbp </span></div><div class="line"><span class="string">Query OK, 0 rows affected (0.00 sec)</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行初始化脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建cinder用户 （密码为hf8LX9bow）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack user create --domain default --password-prompt cinder</span></div><div class="line">User Password:</div><div class="line">Repeat User Password:</div><div class="line">+-----------+----------------------------------+</div><div class="line">| Field     | Value                            |</div><div class="line">+-----------+----------------------------------+</div><div class="line">| domain_id | default                          |</div><div class="line">| enabled   | True                             |</div><div class="line">| id        | d40f3763630e42eea28fbc23d932e1db |</div><div class="line">| name      | cinder                           |</div><div class="line">+-----------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;添加admin角色</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack role add --project service --user cinder admin</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建cinder和cinderv2 实例</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack service create --name cinder \</span></div><div class="line">&gt; --description <span class="string">"OpenStack Block Storage"</span> volume</div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | OpenStack Block Storage          |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | 75380a0ca9764ed29f69241b34130173 |</div><div class="line">| name        | cinder                           |</div><div class="line">| <span class="built_in">type</span>        | volume                           |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack service create --name cinderv2 \</span></div><div class="line">&gt; --description <span class="string">"OpenStack Block Storage"</span> volumev2</div><div class="line">+-------------+----------------------------------+</div><div class="line">| Field       | Value                            |</div><div class="line">+-------------+----------------------------------+</div><div class="line">| description | OpenStack Block Storage          |</div><div class="line">| enabled     | True                             |</div><div class="line">| id          | d680833b65fc446480b6aa4ccf15073b |</div><div class="line">| name        | cinderv2                         |</div><div class="line">| <span class="built_in">type</span>        | volumev2                         |</div><div class="line">+-------------+----------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建块存储服务api终端</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne volume public http://controller:8776/v1/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | 12cfa0383a8a474e8dbd04bfeebc0a3f        |</div><div class="line">| interface    | public                                  |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | 75380a0ca9764ed29f69241b34130173        |</div><div class="line">| service_name | cinder                                  |</div><div class="line">| service_type | volume                                  |</div><div class="line">| url          | http://controller:8776/v1/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne volume internal http://controller:8776/v1/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | 06b12355e6554f4d8228975f4bb58b46        |</div><div class="line">| interface    | internal                                |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | 75380a0ca9764ed29f69241b34130173        |</div><div class="line">| service_name | cinder                                  |</div><div class="line">| service_type | volume                                  |</div><div class="line">| url          | http://controller:8776/v1/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne volume admin http://controller:8776/v1/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | d3dc8b0eba2744d1b2abd79da965b846        |</div><div class="line">| interface    | admin                                   |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | 75380a0ca9764ed29f69241b34130173        |</div><div class="line">| service_name | cinder                                  |</div><div class="line">| service_type | volume                                  |</div><div class="line">| url          | http://controller:8776/v1/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | f34bbb14772d473b8b6e3e721d03f61a        |</div><div class="line">| interface    | public                                  |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | d680833b65fc446480b6aa4ccf15073b        |</div><div class="line">| service_name | cinderv2                                |</div><div class="line">| service_type | volumev2                                |</div><div class="line">| url          | http://controller:8776/v2/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | e9d91f0776b149869262b0cb8983e12b        |</div><div class="line">| interface    | internal                                |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | d680833b65fc446480b6aa4ccf15073b        |</div><div class="line">| service_name | cinderv2                                |</div><div class="line">| service_type | volumev2                                |</div><div class="line">| url          | http://controller:8776/v2/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(tenant_id\)s</span></div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| Field        | Value                                   |</div><div class="line">+--------------+-----------------------------------------+</div><div class="line">| enabled      | True                                    |</div><div class="line">| id           | 73d9a239b47542119256ab8183ba2b77        |</div><div class="line">| interface    | admin                                   |</div><div class="line">| region       | RegionOne                               |</div><div class="line">| region_id    | RegionOne                               |</div><div class="line">| service_id   | d680833b65fc446480b6aa4ccf15073b        |</div><div class="line">| service_name | cinderv2                                |</div><div class="line">| service_type | volumev2                                |</div><div class="line">| url          | http://controller:8776/v2/%(tenant_id)s |</div><div class="line">+--------------+-----------------------------------------+</div></pre></td></tr></table></figure>
<h3 id="增加block-storage-安装和配置-controller"><a href="#增加block-storage-安装和配置-controller" class="headerlink" title="增加block storage - 安装和配置 (controller)"></a>增加block storage - 安装和配置 (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装包  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># yum install -y openstack-cinder python-cinderclient</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/cinder/cinder.conf</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;更改或增加</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">rpc_backend = rabbit</div><div class="line">auth_strategy = keystone</div><div class="line">my_ip = 192.168.1.99</div><div class="line">verbose = True</div><div class="line"></div><div class="line">[database]</div><div class="line">connection = mysql://cinder:O3bwbpoZ3@controller/cinder</div><div class="line"></div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = cinder</div><div class="line">password = hf8LX9bow</div><div class="line"></div><div class="line">[oslo_messaging_rabbit]</div><div class="line">rabbit_host = controller</div><div class="line">rabbit_userid = openstack</div><div class="line">rabbit_password = o3NXovnz5</div><div class="line"></div><div class="line">[oslo_concurrency]</div><div class="line">lock_path = /var/lib/cinder/tmp</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/86.png?raw=true" alt="86"><figcaption class="figure__caption">86</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/87.png?raw=true" alt="87"><figcaption class="figure__caption">87</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/88.png?raw=true" alt="88"><figcaption class="figure__caption">88</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/89.png?raw=true" alt="89"><figcaption class="figure__caption">89</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/90.png?raw=true" alt="90"><figcaption class="figure__caption">90</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;同步数据  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># su -s /bin/sh -c "cinder-manage db sync" cinder</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;配置compute使用块存储</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># vim /etc/nova/nova.conf</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[cinder]</div><div class="line">os_region_name=RegionOne</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/91.png?raw=true" alt="91"><figcaption class="figure__caption">91</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl restart openstack-nova-api.service</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-api.service to /usr/lib/systemd/system/openstack-cinder-api.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-scheduler.service to /usr/lib/systemd/system/openstack-cinder-scheduler.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service</span></div></pre></td></tr></table></figure>
<h3 id="增加block-storage-配置storage节点-compute"><a href="#增加block-storage-配置storage节点-compute" class="headerlink" title="增加block storage - 配置storage节点 (compute)"></a>增加block storage - 配置storage节点 (compute)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;我们理应需要再准备一台单独的机器来做storage服务的，但是为了节省资源，我们就 那compute节点和storage节点共用。这里需要为compute（storage）节点再增加一块磁盘 （/dev/sdb）作为存储磁盘。</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装lvm </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># yum install -y lvm2</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl enable lvm2-lvmetad.service</span></div><div class="line">Created symlink from /etc/systemd/system/sysinit.target.wants/lvm2-lvmetad.service to /usr/lib/systemd/system/lvm2-lvmetad.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl start lvm2-lvmetad.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建物理卷 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># pvcreate /dev/sdb</span></div><div class="line"> Physical volume <span class="string">"/dev/sdb"</span> successfully created.</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建卷组  </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vgcreate cinder-volumes /dev/sdb</span></div><div class="line"> Volume group <span class="string">"cinder-volumes"</span> successfully created</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/lvm/lvm.conf</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div></pre></td><td class="code"><pre><div class="line">devices &#123;</div><div class="line"> filter = [ <span class="string">"a/sdb/"</span>, <span class="string">"r/.*/"</span>]</div><div class="line"> 说明： 如果还有第三块磁盘，应该再加上</div><div class="line">filter = [ <span class="string">"a/sda/"</span>, <span class="string">"a/sdb/"</span>, <span class="string">"r/.*/"</span>]</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/92.png?raw=true" alt="92"><figcaption class="figure__caption">92</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;安装包 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># yum install -y openstack-cinder targetcli python-oslo-policy</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;编辑配置文件</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># vim /etc/cinder/cinder.conf</span></div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div></pre></td><td class="code"><pre><div class="line">[DEFAULT]</div><div class="line">rpc_backend = rabbit</div><div class="line">auth_strategy = keystone</div><div class="line">my_ip = 192.168.1.98</div><div class="line">enabled_backends = lvm</div><div class="line">glance_host = controller</div><div class="line">verbose = True</div><div class="line"></div><div class="line">[database]</div><div class="line">connection = mysql://cinder:O3bwbpoZ3@controller/cinder</div><div class="line"></div><div class="line">[oslo_messaging_rabbit]</div><div class="line">rabbit_host = controller</div><div class="line">rabbit_userid = openstack</div><div class="line">rabbit_password = o3NXovnz5</div><div class="line"></div><div class="line">[keystone_authtoken]</div><div class="line">auth_uri = http://controller:5000</div><div class="line">auth_url = http://controller:35357</div><div class="line">auth_plugin = password</div><div class="line">project_domain_id = default</div><div class="line">user_domain_id = default</div><div class="line">project_name = service</div><div class="line">username = cinder</div><div class="line">password = hf8LX9bow</div><div class="line"></div><div class="line">[lvm]</div><div class="line">volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver</div><div class="line">volume_group = cinder-volumes</div><div class="line">iscsi_protocol = iscsi</div><div class="line">iscsi_helper = lioadm</div><div class="line"></div><div class="line">[oslo_concurrency]</div><div class="line">lock_path = /var/lib/cinder/tmp</div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/93.png?raw=true" alt="93"><figcaption class="figure__caption">93</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/94.png?raw=~~true~~" alt="94"><figcaption class="figure__caption">94</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/95.png?raw=true" alt="95"><figcaption class="figure__caption">95</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/96.png?raw=true" alt="96"><figcaption class="figure__caption">96</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/97.png?raw=true" alt="97"><figcaption class="figure__caption">97</figcaption></figure></p>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/98.png?raw=true" alt="98"><figcaption class="figure__caption">98</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;启动服务 (compute)</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl enable openstack-cinder-volume.service target.service</span></div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-volume.service to /usr/lib/systemd/system/openstack-cinder-volume.service.</div><div class="line">Created symlink from /etc/systemd/system/multi-user.target.wants/target.service to /usr/lib/systemd/system/target.service.</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@compute ~]<span class="comment"># systemctl start openstack-cinder-volume.service target.service</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;验证操作  (controller)</p>
<p>1). 执行初始化脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>2). 列出服务</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># cinder service-list</span></div></pre></td></tr></table></figure>
<h2 id="15-运行实例"><a href="#15-运行实例" class="headerlink" title="15.运行实例"></a>15.运行实例</h2><h3 id="创建公网网络-controller"><a href="#创建公网网络-controller" class="headerlink" title="创建公网网络   (controller)"></a>创建公网网络   (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行初始化脚本 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source admin-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建网络</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># neutron net-create public --shared --provider:physical_network public \</span></div><div class="line">&gt; --provider:network_type flat</div><div class="line">Created a new network:</div><div class="line">+---------------------------+--------------------------------------+</div><div class="line">| Field                     | Value                                |</div><div class="line">+---------------------------+--------------------------------------+</div><div class="line">| admin_state_up            | True                                 |</div><div class="line">| id                        | 7685414f-e88f-46e0-b7f3-5867771331bf |</div><div class="line">| mtu                       | 0                                    |</div><div class="line">| name                      | public                               |</div><div class="line">| port_security_enabled     | True                                 |</div><div class="line">| provider:network_type     | flat                                 |</div><div class="line">| provider:physical_network | public                               |</div><div class="line">| provider:segmentation_id  |                                      |</div><div class="line">| router:external           | False                                |</div><div class="line">| shared                    | True                                 |</div><div class="line">| status                    | ACTIVE                               |</div><div class="line">| subnets                   |                                      |</div><div class="line">| tenant_id                 | 4b9a26837e5443bc9b35ffa36f97f868     |</div><div class="line">+---------------------------+--------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建子网</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># neutron subnet-create public 192.168.1.0/24 --name public \</span></div><div class="line">&gt; --allocation-pool start=192.168.1.10,end=192.168.1.30 \</div><div class="line">&gt; --dns-nameserver 61.128.128.68 --gateway 192.168.1.2</div><div class="line">Created a new subnet:</div><div class="line">+-------------------+--------------------------------------------------+</div><div class="line">| Field             | Value                                            |</div><div class="line">+-------------------+--------------------------------------------------+</div><div class="line">| allocation_pools  | &#123;<span class="string">"start"</span>: <span class="string">"192.168.1.10"</span>, <span class="string">"end"</span>: <span class="string">"192.168.1.30"</span>&#125; |</div><div class="line">| cidr              | 192.168.1.0/24                                   |</div><div class="line">| dns_nameservers   | 61.128.128.68                                    |</div><div class="line">| enable_dhcp       | True                                             |</div><div class="line">| gateway_ip        | 192.168.1.2                                      |</div><div class="line">| host_routes       |                                                  |</div><div class="line">| id                | 201038f1-c327-46b7-ba34-695ea712f742             |</div><div class="line">| ip_version        | 4                                                |</div><div class="line">| ipv6_address_mode |                                                  |</div><div class="line">| ipv6_ra_mode      |                                                  |</div><div class="line">| name              | public                                           |</div><div class="line">| network_id        | 7685414f-e88f-46e0-b7f3-5867771331bf             |</div><div class="line">| subnetpool_id     |                                                  |</div><div class="line">| tenant_id         | 4b9a26837e5443bc9b35ffa36f97f868                 |</div><div class="line">+-------------------+--------------------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;说明：这里的公网，实际上是虚拟机用的那个网段，我们暂时把它作为公网，在这里因为涉及到dhcp服务，会和局域网内的路由器上的dhcp服务产生冲突，所以需要先把路由器上的dhcp服务关掉。</p>
<h3 id="创建key-controller"><a href="#创建key-controller" class="headerlink" title="创建key   (controller)"></a>创建key   (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行初始化脚本 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source demo-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;生成密钥</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># ssh-keygen -q -N ""</span></div><div class="line">Enter file <span class="keyword">in</span> <span class="built_in">which</span> to save the key (/root/.ssh/id_rsa):</div></pre></td></tr></table></figure>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;验证密钥</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova keypair-list</span></div><div class="line">+-------+-------------------------------------------------+</div><div class="line">| Name  | Fingerprint                                     |</div><div class="line">+-------+-------------------------------------------------+</div><div class="line">| mykey | 11:c7:8b:e5:72:9d:13:19:03:46:bf:d8:8d:ef:69:c3 |</div><div class="line">+-------+-------------------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;增加安全组规则</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0</span></div><div class="line">+-------------+-----------+---------+-----------+--------------+</div><div class="line">| IP Protocol | From Port | To Port | IP Range  | Source Group |</div><div class="line">+-------------+-----------+---------+-----------+--------------+</div><div class="line">| icmp        | -1        | -1      | 0.0.0.0/0 |              |</div><div class="line">+-------------+-----------+---------+-----------+--------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;允许ssh 访问</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova secgroup-add-rule default tcp 22 22 0.0.0.0/0</span></div><div class="line">+-------------+-----------+---------+-----------+--------------+</div><div class="line">| IP Protocol | From Port | To Port | IP Range  | Source Group |</div><div class="line">+-------------+-----------+---------+-----------+--------------+</div><div class="line">| tcp         | 22        | 22      | 0.0.0.0/0 |              |</div><div class="line">+-------------+-----------+---------+-----------+--------------+</div></pre></td></tr></table></figure>
<h3 id="配置实例选项-controller"><a href="#配置实例选项-controller" class="headerlink" title="配置实例选项   (controller)"></a>配置实例选项   (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;执行初始化脚本 </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source demo-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出实例类型</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova flavor-list</span></div><div class="line">+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+</div><div class="line">| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |</div><div class="line">+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+</div><div class="line">| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |</div><div class="line">| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |</div><div class="line">| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |</div><div class="line">| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |</div><div class="line">| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出所有镜像</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova image-list </span></div><div class="line">+--------------------------------------+--------+--------+--------+</div><div class="line">| ID                                   | Name   | Status | Server |</div><div class="line">+--------------------------------------+--------+--------+--------+</div><div class="line">| 3b1625d2-9f42-43f3-af8d-3a976c1825f7 | cirros | ACTIVE |        |</div><div class="line">+--------------------------------------+--------+--------+--------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出可用网络</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># neutron net-list</span></div><div class="line">+--------------------------------------+--------+-----------------------------------------------------+</div><div class="line">| id                                   | name   | subnets                                             |</div><div class="line">+--------------------------------------+--------+-----------------------------------------------------+</div><div class="line">| 7685414f-e88f-46e0-b7f3-5867771331bf | public | 201038f1-c327-46b7-ba34-695ea712f742 192.168.1.0/24 |</div><div class="line">+--------------------------------------+--------+-----------------------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出安全组</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova secgroup-list</span></div><div class="line">+--------------------------------------+---------+------------------------+</div><div class="line">| Id                                   | Name    | Description            |</div><div class="line">+--------------------------------------+---------+------------------------+</div><div class="line">| ce571d20-ba6d-4aa5-b752-0181753ca729 | default | Default security group |</div><div class="line">+--------------------------------------+---------+------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;运行实例</p>
<p>nova boot –flavor m1.tiny –image cirros –nic net-id=PUBLIC_NET_ID \<br>  –security-group default –key-name mykey public-instance</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;说明：这里的PUBLIC_NET_ID需要替换为可用网络里面public网络的id</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova boot --flavor m1.tiny --image cirros --nic net-id=7685414f-e88f-46e0-b7f3-5867771331bf --security-group default --key-name mykey public-instance</span></div></pre></td></tr></table></figure>
<p><figure class="figure"><img src="https://github.com/hcldirgit/image/blob/5122697837c4adea982d2ac177624d498ba146df/%E4%BA%91%E8%AE%A1%E7%AE%97%20OpenStack/99.png?raw=true" alt="99"><figcaption class="figure__caption">99</figcaption></figure></p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;检测实例状态</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova list</span></div><div class="line">+--------------------------------------+-----------------+--------+------------+-------------+---------------------+</div><div class="line">| ID                                   | Name            | Status | Task State | Power State | Networks            |</div><div class="line">+--------------------------------------+-----------------+--------+------------+-------------+---------------------+</div><div class="line">| 12633a6f-841f-4f1c-bbb8-8823ede33f07 | public-instance | ACTIVE | -          | Running     | public=192.168.1.11 |</div><div class="line">+--------------------------------------+-----------------+--------+------------+-------------+---------------------+</div></pre></td></tr></table></figure>
<h3 id="连接实例-controller"><a href="#连接实例-controller" class="headerlink" title="连接实例   (controller)"></a>连接实例   (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;使用vnc连接（使用下面命令可以列出vnc的连接）</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova get-vnc-console public-instance novnc</span></div><div class="line">+-------+---------------------------------------------------------------------------------+</div><div class="line">| Type  | Url                                                                             |</div><div class="line">+-------+---------------------------------------------------------------------------------+</div><div class="line">| novnc | http://controller:6080/vnc_auto.html?token=e30b64d1-b322-4760-8c56-a38bc9109b9d |</div><div class="line">+-------+---------------------------------------------------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;验证网络（在实例里面）  </p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;ping -c 4 192.168.1.2</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;远程连接实例</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;首先用nova list 查看实例的ip（假如为192.168.1.11）</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;验证ip</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;ping -c4 192.168.16.11</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;远程ssh登录   </p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># ssh cirros@192.168.1.11</span></div></pre></td></tr></table></figure>
<h2 id="16-给实例增加云盘"><a href="#16-给实例增加云盘" class="headerlink" title="16.给实例增加云盘"></a>16.给实例增加云盘</h2><h3 id="增加云盘-controller"><a href="#增加云盘-controller" class="headerlink" title="增加云盘   (controller)"></a>增加云盘   (controller)</h3><p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;先执行初始化脚本</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># source demo-openrc.sh</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;创建一个2G的云盘，名字为volume1</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># cinder create --display-name volume1 2</span></div><div class="line">+---------------------------------------+--------------------------------------+</div><div class="line">| Property                              | Value                                |</div><div class="line">+---------------------------------------+--------------------------------------+</div><div class="line">| attachments                           | []                                   |</div><div class="line">| availability_zone                     | nova                                 |</div><div class="line">| bootable                              | <span class="literal">false</span>                                |</div><div class="line">| consistencygroup_id                   | None                                 |</div><div class="line">| created_at                            | 2017-01-20T10:32:05.000000           |</div><div class="line">| description                           | None                                 |</div><div class="line">| encrypted                             | False                                |</div><div class="line">| id                                    | fddd495f-448b-4133-a7d0-4a1970aa57ad |</div><div class="line">| metadata                              | &#123;&#125;                                   |</div><div class="line">| multiattach                           | False                                |</div><div class="line">| name                                  | volume1                              |</div><div class="line">| os-vol-tenant-attr:tenant_id          | e42c063541c34399a6d57ab1199ed368     |</div><div class="line">| os-volume-replication:driver_data     | None                                 |</div><div class="line">| os-volume-replication:extended_status | None                                 |</div><div class="line">| replication_status                    | disabled                             |</div><div class="line">| size                                  | 2                                    |</div><div class="line">| snapshot_id                           | None                                 |</div><div class="line">| source_volid                          | None                                 |</div><div class="line">| status                                | creating                             |</div><div class="line">| user_id                               | 8a6d52addac6463ba10bfbf7db625b3f     |</div><div class="line">| volume_type                           | None                                 |</div><div class="line">+---------------------------------------+--------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出所有云盘</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># cinder list</span></div><div class="line">+--------------------------------------+-----------+---------+------+-------------+----------+-------------+-------------+</div><div class="line">| ID                                   | Status    | Name    | Size | Volume Type | Bootable | Multiattach | Attached to |</div><div class="line">+--------------------------------------+-----------+---------+------+-------------+----------+-------------+-------------+</div><div class="line">| fddd495f-448b-4133-a7d0-4a1970aa57ad | available | volume1 | 2    | -           | <span class="literal">false</span>    | False       |             |</div><div class="line">+--------------------------------------+-----------+---------+------+-------------+----------+-------------+-------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;把云盘挂到实例中</p>
<p>nova volume-attach INSTANCE_NAME VOLUME_ID</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova volume-attach public-instance fddd495f-448b-4133-a7d0-4a1970aa57ad</span></div><div class="line">+----------+--------------------------------------+</div><div class="line">| Property | Value                                |</div><div class="line">+----------+--------------------------------------+</div><div class="line">| device   | /dev/vdb                             |</div><div class="line">| id       | fddd495f-448b-4133-a7d0-4a1970aa57ad |</div><div class="line">| serverId | 12633a6f-841f-4f1c-bbb8-8823ede33f07 |</div><div class="line">| volumeId | fddd495f-448b-4133-a7d0-4a1970aa57ad |</div><div class="line">+----------+--------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;说明：INSTACE_NAME可以用nova list查看，VOLUME_ID就是用cinder list查看到的云盘id</p>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;列出已经挂上的云盘</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># nova volume-list</span></div><div class="line">WARNING: Command volume-list is deprecated and will be removed after Nova 13.0.0 is released. Use python-cinderclient or openstackclient instead.</div><div class="line">+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+</div><div class="line">| ID                                   | Status | Display Name | Size | Volume Type | Attached to                          |</div><div class="line">+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+</div><div class="line">| fddd495f-448b-4133-a7d0-4a1970aa57ad | <span class="keyword">in</span>-use | volume1      | 2    | -           | 12633a6f-841f-4f1c-bbb8-8823ede33f07 |</div><div class="line">+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+</div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;然后登陆到实例</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">[root@controller ~]<span class="comment"># ssh cirros@192.168.1.11</span></div><div class="line">cirros@192.168.1.11<span class="string">'s password: </span></div><div class="line"><span class="string">$</span></div></pre></td></tr></table></figure>
<p>&#160;&#160;&#160;&#160;&#160;&#160;&#160;&#160;查看云盘</p>
<figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div></pre></td><td class="code"><pre><div class="line">$ sudo fdisk -l</div><div class="line"> </div><div class="line">Disk /dev/vda: 1073 MB, 1073741824 bytes</div><div class="line">255 heads, 63 sectors/track, 130 cylinders, total 2097152 sectors</div><div class="line">Units = sectors of 1 * 512 = 512 bytes</div><div class="line">Sector size (logical/physical): 512 bytes / 512 bytes</div><div class="line">I/O size (minimum/optimal): 512 bytes / 512 bytes</div><div class="line">Disk identifier: 0x00000000</div><div class="line"> </div><div class="line"> Device Boot Start End Blocks Id System</div><div class="line">/dev/vda1 * 16065 2088449 1036192+ 83 Linux</div><div class="line"> </div><div class="line">Disk /dev/vdb: 2147 MB, 2147483648 bytes</div><div class="line">16 heads, 63 sectors/track, 4161 cylinders, total 4194304 sectors</div><div class="line">Units = sectors of 1 * 512 = 512 bytes</div><div class="line">Sector size (logical/physical): 512 bytes / 512 bytes</div><div class="line">I/O size (minimum/optimal): 512 bytes / 512 bytes</div><div class="line">Disk identifier: 0x00000000</div><div class="line"> </div><div class="line">Disk /dev/vdb doesn<span class="string">'t contain a valid partition table</span></div></pre></td></tr></table></figure>

	

	
		<span class="different-posts"><a href="/2017/10/12/OpenStack/1. 云计算 OpenStack/" onclick="window.history.go(-1); return false;">⬅️ Go back </a></span>

	

</article>

	</main>

	<footer class="footer">
	<div class="footer-content">
		
	      <div class="footer__element">
	<p>Hi there, <br />welcome to my Blog glad you found it. Have a look around, will you?</p>
</div>

	    
	      <div class="footer__element">
	<h5>Check out</h5>
	<ul class="footer-links">
		<li class="footer-links__link"><a href="/archives">Archive</a></li>
		
		  <li class="footer-links__link"><a href="/atom.xml">RSS</a></li>
	    
		<li class="footer-links__link"><a href="/about">about page</a></li>
		<li class="footer-links__link"><a href="/tags">Tags</a></li>
		<li class="footer-links__link"><a href="/categories">Categories</a></li>
	</ul>
</div>

	    

		<div class="footer-credit">
			<span>© 2017 失落的乐章 | Powered by <a href="https://hexo.io/">Hexo</a> | Theme <a href="https://github.com/HoverBaum/meilidu-hexo">MeiliDu</a></span>
		</div>

	</div>


</footer>



</body>

</html>
